Nmap Development mailing list archives

Openssl CCS-Inject script - False positives and varying results across versions downloaded on 07/15 and 07/24


From: Narsi <naresh.palaparthi () gmail com>
Date: Thu, 24 Jul 2014 13:23:08 +0530

Hi, There!

I downloaded the ssl-ccs-injection.nse script from
http://www.nmap.org/nsedoc/scripts/ssl-ccs-injection.html to validate
one of our hosts' vulnerability status.

Environment:
CentOS Host runs Node v 0.8.17 which comes with OpenSSL 1.0.0 (Clearly
Vulnerable)

*Iteration 1*:
*Step*:
Downloaded ssl-ccs-injection.nse on 07/15 and executed it

*Result*:
| ssl-ccs-injection:
|   VULNERABLE:
|   SSL/TLS MITM vulnerability (CCS Injection)
|     State: VULNERABLE


Flagged it as an issue and alerted the admin responsible to take corrective
actions as identified by CVE.

Time Flies...

*Iteration 2*:
*Step*:
Admin downloads script from location above and runs a scan

*Result*:
Flags no vulnerability

Out of curiosity, I diffed the scripts and found that there are some
significant differences.

I need help in figuring out which of the outputs is valid (purely from a CVE
perspective). Output of previous script is valid.

Just wanted to flag this as the script might just be around and more people
might be using it as time goes on.


Thanks
Galeleo Narsi
